﻿<!DOCTYPE html>
@{
    if (false)
    {
        <script src="~/LiberUI/Scripts/jquery.js"></script>
        <script src="~/LiberUI/Scripts/LiberUI.Base.js"></script>
        <script src="~/LiberUI/Scripts/LiberUI.js"></script>
        <script src="~/LiberUI/Scripts/LiberUI.Action.js"></script>
    }
}
<html>
<head>
    <meta name="viewport" content="width=device-width,minimum-scale=1.0,maximum-scale=1.0,user-scalable=no"/>
    <meta name="renderer" content="webkit">
    <link href="/LiberUI/Style/LiberUI.css" rel="stylesheet" />
    <link href="/SiteUI/Base.css" rel="stylesheet" />
    <script src="/LiberUI/Scripts/jquery.js"></script>
    <script src="/LiberUI/Scripts/LiberUI.Base.js"></script>
    <script src="/LiberUI/Scripts/LiberUI.Action.js"></script>
    <script src="/LiberUI/Scripts/LiberUI.js"></script>
    <script src="/LiberUI/Scripts/laytpl.js"></script>
    <link href="/SiteUI/detail.css" rel="stylesheet" />
    <script src="/SiteUI/res_sobiz.js"></script>
    <script src="/SiteUI/res_setting.js"></script>
</head>
<body>
    @RenderPage("/Views/Shared/_common.cshtml")
    @RenderBody()

    <script>
        var User = {

        };
        var View = {
            getUserInfoEnd: function (rtn) {
                if (rtn.IsPositive) {
                    User = rtn.Data;
                    User.setting = mesh(fullSetting, JSON.parse(User.setting));
                    $("body").trigger("UserReady");
                }
                else {
                    error("未登录", "会话失效，请重新登录").on("disposed", function () { window.location = "/Index.html"; });
                }
            },
            CheckAuthor: function (obj, elm) {
                if (!elm) {
                    elm = $("body");
                }

                //检查所有需要检查obj-auth的元素
                elm.find("[obj-auth]").each(function () {
                    var e = $(this);
                    var flag = false;
                    var h = e.attr("execute");

                    //首先，根据obj-role检查此元素是否
                    var roles = e.attr("obj-role");
                    if (roles) {
                        roles = roles.split('|');
                        roles.forEach(function (r) {
                            if (obj[r] && obj[r].idstr === User.idstr) {
                                flag = true;
                            }
                        })
                    }

                    //如果检查没通过，或者没有指定obj-role
                    //如果指定了obj-org和obj-action，则再检查数据权限
                    if (!flag) {
                        var orgs = e.attr("obj-org");  //元素上通过此属性指示如何获取数据对象的所属组织架构
                        var act = e.attr("obj-action");  //DOM元素上通过此属性指示所需的动作权限
                        if (orgs) {
                            orgs = orgs.split('|');
                            orgs.forEach(function (c) {
                                if (!flag) {
                                    var objOrg = obj[c];
                                    if (objOrg) {
                                        //首先判断用户是否拥有此数据所属组织架构的权限
                                        var aorg = User.AuthedOrgs.findObj("idstr", objOrg);
                                        //如果指定了需要动作权限，则再判断用户在是否拥有动作权限
                                        //TODO：判断用户获得动作权限的岗位所属部门是否高于订单所属部门
                                        if (act && aorg) {
                                            if (User.Authority.findObj("auth", act) != null) {
                                                flag = true;
                                            }
                                        }
                                        else if (aorg) {
                                            flag = true;
                                        }
                                        else {

                                        }
                                    }
                                }
                            })
                        }
                    }

                    //根据检查结果和指定的处理方式
                    if (!flag) {               
                        if (!h||h=='remove') {
                            e.remove();
                        }
                        else if (h == 'disable') {
                            e.disable();
                        }
                        else if (h == 'deny') {
                            error("缺少权限", "您无权查看此数据", 5, function () { window.history.go(-1); });
                        }
                        else {
                            e.vl("-");
                        }
                    }
                });


                //检查所有需要特定obj-status的元素，检查结果默认是采取禁用的方式处理
                elm.find("[obj-status]").each(function () {
                    var e = $(this);
                    var ss = e.attr("obj-status").split('|');
                    var sflag = false;
                    ss.forEach(function (s) {
                        if (obj.status == s) {
                            sflag = true;
                        }
                    })
                    if (!sflag) {
                        if (e.attr("execute") == 'disable') {
                            e.disable();
                        }
                        else {
                            e.remove();
                        }
                    }
                })
            }
        };

        $(function () {
            $.ajax({
                cache: false,
                async: true,
                timeout: 10000,
                contentType: "application/x-www-form-urlencoded; charset=utf-8",
                error: function (rtn, ev) {
                    if (rtn.status == '401') {
                        window.location = "/SoBiz/Index";
                    }
                }
            });
            //加载用户信息
            $.getJSON("/MyBiz/GetUserInfo", null, View.getUserInfoEnd);
        });
    </script>
</body>
</html>
